Add vaultpass script for vault decryptions

cooldracula · cooldracula · commit bd61e4661fb8 · 2023-07-13T21:26:57.000+12:00
This makes it so that ansible-vault grabs your vault password from your
env vars, so you odn't have to enter it every time and you don't store
it on dosk somewhere to be accidentally committed.

What this doesn't cover is adding the pass to your env vars.  This is
done with export VAULT_PASS=pass, which can be included in your .envrc
if you're using direnv for additional convenience
diff --git a/.vault_pass b/.vault_pass
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+echo $VAULT_PASS
diff --git a/ansible.cfg b/ansible.cfg
@@ -1,5 +1,6 @@
 [defaults]
 callback_whitelist = profile_tasks
+vault_password_file = ./.vault_pass
 
 [ssh_connection]
 pipelining = True

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+#!/bin/bash`
	`2`	`+`
	`3`	`+echo $VAULT_PASS`